ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web applications. It tracks the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administration area without success many times triggers one rule, sending a request to execute a specific file that could result in getting access to the Internet site triggers another rule, etc. ModSecurity is one of the best firewalls on the market and it'll secure even scripts which are not updated frequently as it can prevent attackers from using known exploits and security holes. Incredibly detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs provided by the Apache server, so you may later examine them and determine whether you need to take more measures so as to increase the safety of your script-driven Internet sites.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your web apps will be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall find in Hepsia are very detailed and offer data about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you decide to host your Internet sites with us, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you include using your hosting Control Panel. If needed, you could disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still work and record data, but will not do anything to prevent potential attacks against your sites. Detailed logs will be available inside your Control Panel and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We use 2 types of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones that our administrators occasionally include to respond to newly found risks in a timely manner.
ModSecurity in VPS Servers
Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you will not need to do anything personally. You will also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of possible attacks you can later examine, but shall not prevent them. The logs in both passive and active modes include information about the kind of the attack and how it was eliminated, what IP address it came from and other important data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also use our own rules because from time to time we detect specific attacks which aren't yet present within the commercial group. This way, we can easily enhance the protection of your VPS immediately as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any application that you upload or install will be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs shall help you to secure your Internet sites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if an Internet site needs an update, whether you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well whenever they discover a new threat that is not yet a part of the commercial bundle.